Chrome, Linux users more likely to ignore browser security warnings

Chrome users are far more likely to ignore security warnings than users of the Firefox browser. The findings were outlined in a new study titled "Alice in Warningland: A Large-Scale Field Study of Browser Security Warning Effectiveness" that can be downloaded here(pdf).

"Users continued through 25 percent of Google Chrome's malware and phishing warnings, but only 10 percent of equivalent warnings from Mozilla Firefox," reports InformationWeek. "Similarly, users clicked through Chrome's SSL warning a whopping 70 percent of the time, versus only 33 percent for Firefox."

The study took into consideration some 25 million warning impressions in Google (NASDAQ: GOOG) Chrome and Mozilla Firefox from the months of May and June. Data was collected using the browsers' telemetry frameworks, which the authors explained is a mechanism for browser vendors to collect pseudonymous data from end users.

Not surprisingly, it appears that being more technical may predispose some users to click through certain types of warnings too--such as those on the Linux operating system. On the other hand, putting barriers, such as forcing users to click an extra button, does not appear to work that well.

The Fierce Take: While automated warning messages can be useful, the takeaway from the study is how they may not actually deter risk behavior in users. This seems to suggest that some basic understanding of a security warning may be necessary to influence users towards adopting safer computing. Enterprises may want to bear this in mind when making the settings of configuration or browser software.

For more:
- check out this article at The Register
- check out this article at InformationWeek

Comments

Join 20,000+ InsidersSIGN UP FOR OURNEWSLETTER

FierceCIO:TechWatch is a twice-weekly IT news update that covers IT security, hardware and storage, networking, software and more. Join 20,000+ IT management professionals who get FierceCIO:TechWatch via email. Sign up today!

THE LIBRARY: WHITEPAPER

The democratization of data is the process of expanding business information and the tools to analyze it out to a much broader audience than traditionally has had access. Evolving and complex technology landscapes compounded these limitations, as disconnected systems made it more difficult to get a unified view of the business. Many companies still struggle to get a single version of the truth across all areas of the enterprise. Learn more!

FierceCIO:TechWatch is a twice-weekly IT news update that covers IT security, hardware and storage, networking, software and more. Join 20,000+ IT management professionals who get FierceCIO:TechWatch via email.